search

tektoncd / chains

Supply Chain Security in Tekton Pipelines
Apache License 2.0
247 stars 130 forks source link

Add missing fields in `config.md` docs #748

Open PuneetPunamiya opened 1 year ago

PuneetPunamiya commented 1 year ago

Feature request

Currently there are some fields which might be supported as per the code base, but are not included in the config.md docs

Fields from config.go such as 

ociRepositoryInsecureKey   = "storage.oci.repository.insecure"
pubsubProvider             = "storage.pubsub.provider"
pubsubTopic                = "storage.pubsub.topic"
pubsubKafkaBootstrapServer = "storage.pubsub.kafka.bootstrap.servers"

are the fields which are not documented yet in config.md docs

lcarva commented 1 year ago

storage.oci.repository.insecure is honored when uploading payloads to an OCI repository. This allows signatures and attestations to be pushed to an OCI registry without TLS. The value should be either "true" or "false".

storage.pubsub.provider used to configure how payloads are stored with pub sub. Possible values are "inmemory" or "kafka".

storage.pubsub.topic configures the pub sub topic to be used. The value should be a valid topic for the configured storage.pubsub.provider.

pubsubKafkaBootstrapServers holds the kafka server address to be used. NOTE: It looks like this currently only allows a single server value, even though the config key is in the plural form. This may have been an oversight. Adding support to multiple looks trivial.

The pubsub storage is marked as experimental which may be why it's not listed in config.md. pubsub is not mentioned at all there. It is mentioned in experimental.md. So maybe the config options should be documented there instead?

Looking at the code, I don't really see how someone could even enable pubsub today. For example, artifacts.taskrun.storage could be set to "kafka". However, InitializeBackends looks for the "pubsub" value (which the config doesn't accept!). So it looks like this experimental feature is likely abandoned.

Maybe @wlynch has more insight into this?

tekton-robot commented 1 year ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale with a justification. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

lcarva commented 1 year ago

/lifecycle frozen

we should do this.